
steinarb / ratatoskr / #17

26 Nov 2024 07:40PM UTC coverage: 96.714% (+0.2%) from 96.487%
#17

push

steinarb
Replace "select *" with selects of list of explicit column names

6 of 6 new or added lines in 1 file covered. (100.0%)

4 existing lines in 2 files now uncovered.

412 of 426 relevant lines covered (96.71%)

0.97 hits per line


86.36
/ratatoskr.web.api/src/main/java/no/priv/bang/ratatoskr/web/api/resources/LoginResource.java
/*
 * Copyright 2023-2024 Steinar Bang
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *   http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and limitations
 * under the License.
 */
package no.priv.bang.ratatoskr.web.api.resources;

import static no.priv.bang.ratatoskr.services.RatatoskrConstants.*;

import java.util.Base64;
import java.util.Optional;

import javax.inject.Inject;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.Consumes;
import javax.ws.rs.GET;
import javax.ws.rs.InternalServerErrorException;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.web.util.SavedRequest;
import org.apache.shiro.web.util.WebUtils;
import org.osgi.service.log.LogService;
import org.osgi.service.log.Logger;

import no.priv.bang.authservice.definitions.AuthserviceException;
import no.priv.bang.osgiservice.users.User;
import no.priv.bang.osgiservice.users.UserManagementService;
import no.priv.bang.ratatoskr.services.RatatoskrService;
import no.priv.bang.ratatoskr.services.beans.Credentials;
import no.priv.bang.ratatoskr.services.beans.Loginresult;

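/**
 * JAX-RS resource with the login, logout and login-state endpoints of the
 * web API. Authentication state is read from, and changed on, the Apache
 * Shiro subject bound to the current request.
 *
 * <p>All endpoints consume and produce JSON and answer with a {@link Loginresult}.
 */
@Path("")
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
public class LoginResource {

    private Logger logger;

    @Inject
    ServletContext webcontext;

    @Context
    HttpServletRequest request;

    @Inject
    RatatoskrService ratatoskr;

    @Inject
    UserManagementService useradmin;

    /**
     * Receives the OSGi log service and keeps a logger named after this class.
     *
     * @param logservice the log service to create the logger from
     */
    @Inject
    void setLogservice(LogService logservice) {
        this.logger = logservice.getLogger(LoginResource.class);
    }

    /**
     * Authenticates the posted credentials against Shiro.
     *
     * <p>On success the result carries the user, whether the user holds
     * {@code RATATOSKRUSER_ROLE}, and the webapp-relative URL that was
     * requested before the login page was shown ("/" when none was saved).
     * On an authentication failure the result has {@code success == false}
     * and a localized error message.
     *
     * @param locale the locale used to look up display texts
     * @param credentials username and base64 encoded password
     * @return the outcome of the login attempt
     * @throws InternalServerErrorException on any failure that is not a Shiro
     *         {@link AuthenticationException} (this includes a password that
     *         is not valid base64)
     */
    @POST
    @Path("/login")
    public Loginresult login(@QueryParam("locale")String locale, Credentials credentials) {
        var subject = SecurityUtils.getSubject();
        var username = credentials.username();
        // Decode with an explicit charset, so that the password that is checked
        // does not depend on the JVM's default encoding.
        // NOTE(review): assumes the client base64 encodes the UTF-8 bytes of the
        // password - confirm against the frontend.
        var decodedPassword = new String(
            Base64.getDecoder().decode(credentials.password()),
            java.nio.charset.StandardCharsets.UTF_8);

        // NOTE(review): rememberMe is always true here, so every successful login
        // asks Shiro for a remembered identity whether or not the user opted in.
        // Confirm that this is intended.
        var token = new UsernamePasswordToken(username, decodedPassword, true);
        try {
            subject.login(token);
            var contextpath = webcontext.getContextPath();
            var originalRequestUrl = Optional.ofNullable(WebUtils.getSavedRequest(request))
                .map(SavedRequest::getRequestUrl)
                .map(url -> toLocalPath(url, contextpath))
                .orElse("/");
            var authorized = subject.hasRole(RATATOSKRUSER_ROLE);
            if (authorized) {
                ratatoskr.lazilyCreateAccount(username);
            }

            var user = useradmin.getUser(username);

            return Loginresult.with()
                .success(true)
                .errormessage("")
                .authorized(authorized)
                .user(user)
                .originalRequestUrl(originalRequestUrl)
                .build();
        // NOTE(review): the three handlers below return different messages for
        // unknown account, wrong password and locked account, which tells an
        // unauthenticated caller whether a username exists. Consider returning
        // one generic message to the client and keeping the detail in the log.
        } catch (UnknownAccountException e) {
            logger.warn("Login error: unknown account", e);
            return failedLogin("unknownaccount", locale);
        } catch (IncorrectCredentialsException e) {
            logger.warn("Login error: wrong password", e);
            return failedLogin("wrongpassword", locale);
        } catch (LockedAccountException e) {
            logger.warn("Login error: locked account", e);
            return failedLogin("lockedaccount", locale);
        } catch (AuthenticationException e) {
            logger.warn("Login error: general authentication error", e);
            return failedLogin("unknownerror", locale);
        } catch (Exception e) {
            logger.error("Login error: internal server error", e);
            throw new InternalServerErrorException();
        } finally {
            // Wipes the token's copy of the credentials. The decoded String above
            // is immutable and stays in memory until it is garbage collected.
            token.clear();
        }
    }

    /**
     * Builds the result of a failed login with the localized text for a message key.
     */
    private Loginresult failedLogin(String messageKey, String locale) {
        return Loginresult.with()
            .success(false)
            .errormessage(ratatoskr.displayText(messageKey, locale))
            .build();
    }

    /**
     * Turns the URL saved before the login into a path inside this webapp.
     *
     * <p>The saved URL comes from a request made before authentication, so it
     * is caller-controlled. Only a leading context path is removed (not every
     * occurrence of it inside the URL), and anything that is not a plain
     * "/..." path, such as a "//host" form, is replaced by "/" so that the
     * value handed back to the client can only name a location on this origin.
     */
    private static String toLocalPath(String url, String contextpath) {
        var hasContextPrefix = contextpath != null
            && !contextpath.isEmpty()
            && url.startsWith(contextpath);
        var path = hasContextPrefix ? url.substring(contextpath.length()) : url;
        var isLocalPath = path.startsWith("/")
            && !path.startsWith("//")
            && !path.startsWith("/\\");
        return isLocalPath ? path : "/";
    }

    /**
     * Logs out the current Shiro subject.
     *
     * <p>NOTE(review): this changes session state on a GET, so any cross-site
     * GET the browser issues with the session cookie ends the session.
     * Consider exposing logout as POST.
     *
     * @param locale the locale used to look up the "loggedout" text
     * @return a result with {@code success == false}, the "loggedout" text and an empty user
     */
    @GET
    @Path("/logout")
    public Loginresult logout(@QueryParam("locale")String locale) {
        SecurityUtils.getSubject().logout();

        return Loginresult.with()
            .success(false)
            .errormessage(ratatoskr.displayText("loggedout", locale))
            .user(User.with().build())
            .build();
    }

    /**
     * Reports whether the current subject is authenticated and holds
     * {@code RATATOSKRUSER_ROLE}, together with a localized status text.
     *
     * @param locale the locale used to look up display texts
     * @return the current login state; the user is empty when the lookup fails
     */
    @GET
    @Path("/loginstate")
    public Loginresult loginstate(@QueryParam("locale")String locale) {
        var subject = SecurityUtils.getSubject();
        var username = (String) subject.getPrincipal();
        var authenticated = subject.isAuthenticated();
        var authorized = subject.hasRole(RATATOSKRUSER_ROLE);
        var loggedInMessage = authorized
            ? ratatoskr.displayText("userloggedinwithaccesses", locale)
            : ratatoskr.displayText("userloggedinwithoutaccesses", locale);
        var message = authenticated
            ? loggedInMessage
            : ratatoskr.displayText("usernotloggedin", locale);
        var user = findUserSafely(username);
        return Loginresult.with()
            .success(authenticated)
            .errormessage(message)
            .authorized(authorized)
            .user(user)
            .build();
    }

    /**
     * Looks up a user and falls back to an empty user when the user
     * management service throws an {@link AuthserviceException}.
     *
     * @param username the name to look up
     * @return the user found, or an empty user
     */
    User findUserSafely(String username) {
        try {
            return useradmin.getUser(username);
        } catch (AuthserviceException e) {
            return User.with().build();
        }
    }

}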